System and method for cloud controlled common access entry point locking system

ABSTRACT

A cloud-based common access entry point locking control system and method for centrally controlling access to common access entry points from a plurality of mobile devices via a network comprising a cloud based management system, a mobile guest and host application, and a premise-based lock control system.

CROSS-REFERENCE TO RELATED APPLICATIONS

None.

BACKGROUND OF THE INVENTION

1. Field of the Art

The disclosure relates to the field of locking systems, and moreparticularly to the field of common access entry point locking systems.

2. Discussion of the State of the Art

It is common practice in an apartment complex or other establishmentswith common access entry points to require an individual seekingadmission to identify himself by speaking to the tenant over acommunication system. These systems are often outdated and tedious tonavigate.

A conventional access control system for a building or an apartmentcomplex that has a normally-latched common entrance door typically hasat least one main entrance unit (for example at a community front dooror a roadway gate), for selectively signaling a plurality of hard-wiredresidential access control stations installed inside of a plurality ofresidences operated by tenants to communicate with the tenants torequest and grant access. In some systems a tenant directory isinstalled at the common entrance for selecting the desired tenant. Thesesystems are costly to install, not easily maintained, and typicallyrequire a specialized resource to update the directory. Sincemulti-housing units are run by maximizing profit, other priorities takeprecedence before upgrading to entry mechanism. Often, directories donot get timely updated and provide for an undesirable user experience(for example, not finding a tenant by their name since their name wasnever updated).

In other buildings, the apartment building intercom and door releasearrangement is integrated with a regular central office telephone systemso that the tenant can communicate with the visitor from the telephonein his apartment typically over a landline where the tenant may controlthe entrance access to the common entrance door by the generating a DTMFdigit via the telephone keypad. Though a telephone-based system is astep forward, cheaper to implement, and more convenient than ahard-wired system, challenges exist when a visitor arrives in certaincircumstances. For example, while the tenant is on a regular phone callor the phone itself is unavailable because it is lost or does not havesufficient battery power.

What is needed is a centrally controlled system that allows to quicklyand efficiently control common access entry points such as common accessdoors and gates that is user friendly and leverages more moderncommunication methods and habits. Further, an entry system that canpotentially provide a revenue stream, may further increase adoption.

SUMMARY OF THE INVENTION

Accordingly, the inventor has conceived and reduced to practice, in apreferred embodiment of the invention, a cloud-based common access entrypoint locking control system and method.

According to a preferred embodiment of the invention, a common accessentry point lock management system (for example, a front door tomulti-unit housing, a gate, or any access-controlled entrance where aplurality of people that require access, must use), comprising anetwork-connected server with at least a memory and a processor andfurther comprising programmable instructions stored in the memory andoperating on the processor, the instructions adapted to a system forcommon access entry point lock management, comprises a configurationdatabase, a host configuration manager, a guest request manager, alocation manager, a security manager, and a communications manager. Oneor more locking devices are configured via the host configurationmanager and stored in the configuration database. In some embodiments,the host configuration manager is configured to determine that a mobiledevice, (for example, a smartphone, a tablet device, a wearableelectronic device, a key fob, an in-vehicle communication device, etc.)has been configured to allow access to a particular common access entrypoint. The guest request manager may be configured to receive accessrequests from mobile devices in order to lock and unlock one or morecommon access entry point locking devices. The location manager isconfigured to periodically receive global position information frommobile devices configured in the system. In some embodiments, thelocation manager is configured to receive an alert that a mobile deviceis within a predefined proximity of a common access entry point and maytake action on the event, for example, to automatically unlock thecommon access entry point. The security manager is configured to storeone or more identifiers corresponding to mobile devices and theassociated locking devices to which they have access. The communicationmanager may receive communication from the plurality of mobile devices,for example, an audio of video communication. In some embodiments, thesecurity manager is configured to receive an unlock request from aconfigured mobile device to unlock a particular common access entrypoint, the security manager then sends an unlock request to apremise-based lock manager connected to the common access entry point.In another embodiment, the security manager is configured to receive anunlock request from a mobile device to lock or unlock a common accessentry point. In another embodiment, the security manager may be used toquery the state of the lock, that is, whether or not the common accessentry point is locked. The security manager may be configured to send anunlock event to a premise-based lock manager connected to the commonaccess entry point.

In a preferred embodiment, the communication manager is configured tosend an unlock event automatically to a premise-based lock manager of acommon access entry point when the mobile device is in a pre-configuredphysical proximity to the common access entry point.

In a preferred embodiment, a locking device management system, comprisesa lock control interface, a communication manager, and a lock controlmanager. The lock control interface is connected to a lock of a commonaccess entry point and able to lock and unlock a locking mechanism by areceiving a lock or unlock request from the cloud or from a mobiledevice in proximity via a short-range wireless interconnectedarrangement (for example via Bluetooth™, iBeacon™, radio frequency (RF),near-field communication (NFC), etc.). The lock control manager isconfigured with a plurality of identifiers that are able to trigger anunlock event wherein the unlock event causes the locking mechanism tounlock. In another embodiment, the lock control manager is configured toaccept an alphanumeric code to trigger a lock or unlock event. Forexample, in an arrangement where a mobile device requests access to acommon access entry point, and the mobile device does not have anappropriate client mobile application installed, the common access entrypoint lock management system may send a code to the mobile device, forexample, via short message service (SMS) or email wherein the user ofthe mobile device may then, for example, type the code on a keypad or,in another embodiment, the code may be transmitted to a lock managementsystem electronically.

In a preferred embodiment, a mobile client application comprising anetwork-connected mobile device, a location manager, a communicationclient, a user interface, a user profile, and a key manager, isdisclosed. The location manager is configured to maintain a currentglobal position of the mobile device. The location information is thentransmitted to a common access entry point locking management system.The communication client is configured to communicate with a pluralityof subscribers configured in the common access entry point lockmanagement system configuration database. The user interface isconfigured to receive access requests form a user, for example toannounce an arrival at a location, or, in another embodiment, to requesta tenant directory, or some other information to assist in accessing acommon access entry point. The user profile is configured to store atleast access information to the common access entry point lockmanagement system, user identification, user preferences, and otherprofile information. The key manager is configured to store theidentification and location of a one or more a locking device managementsystem to which the user can request access. In some embodiments, theuser profile may be configured to automatically request access to thecommon access entry point locking management system when the locationmanager determines that it is within a predefined physical proximity toa locking device management system, for example, with no userintervention. In this regard, an unlock event may happen automaticallyform the cloud, or from direct connection from a connected device (forexample, Bluetooth™, iBeacon™, etc.)

It should be appreciated that a wide variety of specific implementationsmay be possible according to the invention. It should also beappreciated that a common access entry point locking management system,premise locking devices, and mobile client application may be operatedindependently of each other as dedicated systems.

BRIEF DESCRIPTION OF THE DRAWING FIGURES

The accompanying drawings illustrate several embodiments of theinvention and, together with the description, serve to explain theprinciples of the invention according to the embodiments. It will beappreciated by one skilled in the art that the particular embodimentsillustrated in the drawings are merely exemplary, and are not to beconsidered as limiting of the scope of the invention or the claimsherein in any way.

FIG. 1 is a block diagram illustrating an exemplary hardwarearchitecture of a computing device used in an embodiment of theinvention.

FIG. 2 is a block diagram illustrating an exemplary logical architecturefor a client device, according to an embodiment of the invention.

FIG. 3 is a block diagram showing an exemplary architectural arrangementof clients, servers, and external services, according to an embodimentof the invention.

FIG. 4 is another block diagram illustrating an exemplary hardwarearchitecture of a computing device used in various embodiments of theinvention.

FIG. 5 is a block diagram illustrating an exemplary system architecturefor operating a cloud controlled common access entry point lock system,according to a preferred embodiment of the invention.

FIG. 6 is a block diagram illustrating a more detailed view of a cloudaccess manager for use in operating a cloud controlled common accessentry point lock system, according to an embodiment of the invention.

FIG. 7 is a block diagram illustrating a more detailed view of apremise-based lock manager and client operation for use in operating acloud controlled common access entry point lock system, according to anembodiment of the invention.

FIG. 8 is a block diagram of an exemplary interface for operating acloud controlled common access entry point lock system, according to anembodiment of the invention.

FIG. 9 is a block diagram of an exemplary method for accessing a commonaccess entry point.

FIG. 10 is a block diagram of an exemplary method for unlocking a commonaccess entry point using a mobile application.

DETAILED DESCRIPTION

The inventor has conceived, and reduced to practice, in a preferredembodiment of the invention, a cloud-based common access entry pointlocking control system and method.

One or more different inventions may be described in the presentapplication. Further, for one or more of the inventions describedherein, numerous alternative embodiments may be described; it should beappreciated that these are presented for illustrative purposes only andare not limiting of the inventions contained herein or the claimspresented herein in any way. One or more of the inventions may be widelyapplicable to numerous embodiments, as may be readily apparent from thedisclosure. In general, embodiments are described in sufficient detailto enable those skilled in the art to practice one or more of theinventions, and it should be appreciated that other embodiments may beutilized and that structural, logical, software, electrical and otherchanges may be made without departing from the scope of the particularinventions. Accordingly, one skilled in the art will recognize that oneor more of the inventions may be practiced with various modificationsand alterations. Particular features of one or more of the inventionsdescribed herein may be described with reference to one or moreparticular embodiments or figures that form a part of the presentdisclosure, and in which are shown, by way of illustration, specificembodiments of one or more of the inventions. It should be appreciated,however, that such features are not limited to usage in the one or moreparticular embodiments or figures with reference to which they aredescribed. The present disclosure is neither a literal description ofall embodiments of one or more of the inventions nor a listing offeatures of one or more of the inventions that must be present in allembodiments.

Headings of sections provided in this patent application and the titleof this patent application are for convenience only, and are not to betaken as limiting the disclosure in any way.

Devices that are in communication with each other need not be incontinuous communication with each other, unless expressly specifiedotherwise. In addition, devices that are in communication with eachother may communicate directly or indirectly through one or morecommunication means or intermediaries, logical or physical.

A description of an embodiment with several components in communicationwith each other does not imply that all such components are required. Tothe contrary, a variety of optional components may be described toillustrate a wide variety of possible embodiments of one or more of theinventions and in order to more fully illustrate one or more aspects ofthe inventions. Similarly, although process steps, method steps,algorithms or the like may be described in a sequential order, suchprocesses, methods and algorithms may generally be configured to work inalternate orders, unless specifically stated to the contrary. In otherwords, any sequence or order of steps that may be described in thispatent application does not, in and of itself, indicate a requirementthat the steps be performed in that order. The steps of describedprocesses may be performed in any order practical. Further, some stepsmay be performed simultaneously despite being described or implied asoccurring non-simultaneously (e.g., because one step is described afterthe other step). Moreover, the illustration of a process by itsdepiction in a drawing does not imply that the illustrated process isexclusive of other variations and modifications thereto, does not implythat the illustrated process or any of its steps are necessary to one ormore of the invention(s), and does not imply that the illustratedprocess is preferred. Also, steps are generally described once perembodiment, but this does not mean they must occur once, or that theymay only occur once each time a process, method, or algorithm is carriedout or executed. Some steps may be omitted in some embodiments or someoccurrences, or some steps may be executed more than once in a givenembodiment or occurrence.

When a single device or article is described herein, it will be readilyapparent that more than one device or article may be used in place of asingle device or article. Similarly, where more than one device orarticle is described herein, it will be readily apparent that a singledevice or article may be used in place of the more than one device orarticle.

The functionality or the features of a device may be alternativelyembodied by one or more other devices that are not explicitly describedas having such functionality or features. Thus, other embodiments of oneor more of the inventions need not include the device itself.

Techniques and mechanisms described or referenced herein will sometimesbe described in singular form for clarity. However, it should beappreciated that particular embodiments may include multiple iterationsof a technique or multiple instantiations of a mechanism unless notedotherwise. Process descriptions or blocks in figures should beunderstood as representing modules, segments, or portions of code whichinclude one or more executable instructions for implementing specificlogical functions or steps in the process. Alternate implementations areincluded within the scope of embodiments of the present invention inwhich, for example, functions may be executed out of order from thatshown or discussed, including substantially concurrently or in reverseorder, depending on the functionality involved, as would be understoodby those having ordinary skill in the art.

Glossary of Terms

As used herein the following terms have the meaning given below:

“Unlock event”: a signal (for example, a data packet) from a systemprocess (for example, communications manager 612) sent to a device (forexample, lock manager 710) to indicate that a lock (for example, lock721) should be unlocked.

“Lock event”: a signal (for example, a data packet) from a systemprocess (for example, communications manager 612) sent to a device (forexample, lock manager 710) to indicate that a lock (for example, lock721) should be locked.

“Common Access Entry Point”: an entry point where multiple people whomay be unrelated, require access. For example, the front entrance tomulti-unit housing (for example, an apartment building, college dormbuilding, etc.), commercial establishments (for example, an officebuilding, a retail establishment, a sporting facility, etc.), a roadwayor property gate (for example, in a gated residential community, at acommercial construction site, at a parking lot, etc.)

“Automatic proximity access”: an arrangement where access is granted tocommon access entry point 720 to a requester when the requestor iswithin a pre-configured proximity of common access entry point 720.

Hardware Architecture

Generally, the techniques disclosed herein may be implemented onhardware or a combination of software and hardware. For example, theymay be implemented in an operating system kernel, in a separate userprocess, in a library package bound into network applications, on aspecially constructed machine, on an application-specific integratedcircuit (ASIC), or on a network interface card.

Software/hardware hybrid implementations of at least some of theembodiments disclosed herein may be implemented on a programmablenetwork-resident machine (which should be understood to includeintermittently connected network-aware machines) selectively activatedor reconfigured by a computer program stored in memory. Such networkdevices may have multiple network interfaces that may be configured ordesigned to utilize different types of network communication protocols.A general architecture for some of these machines may be describedherein in order to illustrate one or more exemplary means by which agiven unit of functionality may be implemented. According to specificembodiments, at least some of the features or functionalities of thevarious embodiments disclosed herein may be implemented on one or moregeneral-purpose computers associated with one or more networks, such asfor example an end-user computer system, a client computer, a networkserver or other server system, a mobile computing device (e.g., tabletcomputing device, mobile phone, wearable device, smartphone, laptop, orother appropriate computing device), a consumer electronic device, amusic player, or any other suitable electronic device, router, switch,or other suitable device, or any combination thereof. In at least someembodiments, at least some of the features or functionalities of thevarious embodiments disclosed herein may be implemented in one or morevirtualized computing environments (e.g., network computing clouds,virtual machines hosted on one or more physical computing machines, orother appropriate virtual environments).

Referring now to FIG. 1, there is shown a block diagram depicting anexemplary computing device 100 suitable for implementing at least aportion of the features or functionalities disclosed herein. Computingdevice 100 may be, for example, any one of the computing machines listedin the previous paragraph, or indeed any other electronic device capableof executing software- or hardware-based instructions according to oneor more programs stored in memory. Computing device 100 may be adaptedto communicate with a plurality of other computing devices, such asclients or servers, over communications networks such as a wide areanetwork a metropolitan area network, a local area network, a wirelessnetwork, the Internet, or any other network, using known protocols forsuch communication, whether wireless or wired.

In one embodiment, computing device 100 includes one or more centralprocessing units (CPU) 102, one or more interfaces 110, and one or morebusses 106 (such as a peripheral component interconnect (PCI) bus). Whenacting under the control of appropriate software or firmware, CPU 102may be responsible for implementing specific functions associated withthe functions of a specifically configured computing device or machine.For example, in at least one embodiment, a computing device 100 may beconfigured or designed to function as a server system utilizing CPU 102,local memory 101 and/or remote memory 120, and interface(s) 110. In atleast one embodiment, CPU 102 may be caused to perform one or more ofthe different types of functions and/or operations under the control ofsoftware modules or components, which for example, may include anoperating system and any appropriate applications software, drivers, andthe like.

CPU 102 may include one or more processors 103 such as, for example, aprocessor from one of the Intel, ARM, Qualcomm, and AMD families ofmicroprocessors. In some embodiments, processors 103 may includespecially designed hardware such as application-specific integratedcircuits (ASICs), electrically erasable programmable read-only memories(EEPROMs), field-programmable gate arrays (FPGAs), and so forth, forcontrolling operations of computing device 100. In a specificembodiment, a local memory 101 (such as non-volatile random accessmemory (RAM) and/or read-only memory (ROM), including for example one ormore levels of cached memory) may also form part of CPU 102. However,there are many different ways in which memory may be coupled to system100. Memory 101 may be used for a variety of purposes such as, forexample, caching and/or storing data, programming instructions, and thelike. It should be further appreciated that CPU 102 may be one of avariety of system-on-a-chip (SOC) type hardware that may includeadditional hardware such as memory or graphics processing chips, such asa Qualcomm SNAPDRAGON™ or Samsung EXYNOS™ CPU as are becomingincreasingly common in the art, such as for use in mobile devices orintegrated devices.

As used herein, the term “processor” is not limited merely to thoseintegrated circuits referred to in the art as a processor, a mobileprocessor, or a microprocessor, but broadly refers to a microcontroller,a microcomputer, a programmable logic controller, anapplication-specific integrated circuit, and any other programmablecircuit.

In one embodiment, interfaces 110 are provided as network interfacecards (NICs). Generally, NICs control the sending and receiving of datapackets over a computer network; other types of interfaces 110 may forexample support other peripherals used with computing device 100. Amongthe interfaces that may be provided are Ethernet interfaces, frame relayinterfaces, cable interfaces, DSL interfaces, token ring interfaces,graphics interfaces, and the like. In addition, various types ofinterfaces may be provided such as, for example, universal serial bus(USB), Serial, Ethernet, FIREWIRE™, THUNDERBOLT™, PCI, parallel, radiofrequency (RF), BLUETOOTH™, near-field communications (e.g., usingnear-field magnetics), 802.11 (WiFi), frame relay, TCP/IP, ISDN, fastEthernet interfaces, Gigabit Ethernet interfaces, Serial ATA (SATA) orexternal SATA (ESATA) interfaces, high-definition multimedia interface(HDMI), digital visual interface (DVI), analog or digital audiointerfaces, asynchronous transfer mode (ATM) interfaces, high-speedserial interface (HSSI) interfaces, Point of Sale (POS) interfaces,fiber data distributed interfaces (FDDIs), and the like. Generally, suchinterfaces 110 may include physical ports appropriate for communicationwith appropriate media. In some cases, they may also include anindependent processor (such as a dedicated audio or video processor, asis common in the art for high-fidelity A/V hardware interfaces) and, insome instances, volatile and/or non-volatile memory (e.g., RAM).

Although the system shown in FIG. 1 illustrates one specificarchitecture for a computing device 100 for implementing one or more ofthe inventions described herein, it is by no means the only devicearchitecture on which at least a portion of the features and techniquesdescribed herein may be implemented. For example, architectures havingone or any number of processors 103 may be used, and such processors 103may be present in a single device or distributed among any number ofdevices. In one embodiment, a single processor 103 handlescommunications as well as routing computations, while in otherembodiments a separate dedicated communications processor may beprovided. In various embodiments, different types of features orfunctionalities may be implemented in a system according to theinvention that includes a client device (such as a tablet device orsmartphone running client software) and server systems (such as a serversystem described in more detail below).

Regardless of network device configuration, the system of the presentinvention may employ one or more memories or memory modules (such as,for example, remote memory block 120 and local memory 101) configured tostore data, program instructions for the general-purpose networkoperations, or other information relating to the functionality of theembodiments described herein (or any combinations of the above). Programinstructions may control execution of or comprise an operating systemand/or one or more applications, for example. Memory 120 or memories101, 120 may also be configured to store data structures, configurationdata, encryption data, historical system operations information, or anyother specific or generic non-program information described herein.

Because such information and program instructions may be employed toimplement one or more systems or methods described herein, at least somenetwork device embodiments may include nontransitory machine-readablestorage media, which, for example, may be configured or designed tostore program instructions, state information, and the like forperforming various operations described herein. Examples of suchnontransitory machine- readable storage media include, but are notlimited to, magnetic media such as hard disks, floppy disks, andmagnetic tape; optical media such as CD-ROM disks; magneto-optical mediasuch as optical disks, and hardware devices that are speciallyconfigured to store and perform program instructions, such as read-onlymemory devices (ROM), flash memory (as is common in mobile devices andintegrated systems), solid state drives (SSD) and “hybrid SSD” storagedrives that may combine physical components of solid state and hard diskdrives in a single hardware device (as are becoming increasingly commonin the art with regard to personal computers), memristor memory, randomaccess memory (RAM), and the like. It should be appreciated that suchstorage means may be integral and non-removable (such as RAM hardwaremodules that may be soldered onto a motherboard or otherwise integratedinto an electronic device), or they may be removable such as swappableflash memory modules (such as “thumb drives” or other removable mediadesigned for rapidly exchanging physical storage devices),“hot-swappable” hard disk drives or solid state drives, removableoptical storage discs, or other such removable media, and that suchintegral and removable storage media may be utilized interchangeably.Examples of program instructions include both object code, such as maybe produced by a compiler, machine code, such as may be produced by anassembler or a linker, byte code, such as may be generated by forexample a Java™ compiler and may be executed using a Java virtualmachine or equivalent, or files containing higher level code that may beexecuted by the computer using an interpreter (for example, scriptswritten in Python, Perl, Ruby, Groovy, or any other scripting language).

In some embodiments, systems according to the present invention may beimplemented on a standalone computing system. Referring now to FIG. 2,there is shown a block diagram depicting a typical exemplaryarchitecture of one or more embodiments or components thereof on astandalone computing system. Computing device 200 includes processors210 that may run software that carry out one or more functions orapplications of embodiments of the invention, such as for example aclient application 230. Processors 210 may carry out computinginstructions under control of an operating system 220 such as, forexample, a version of Microsoft's WINDOWS™ operating system, Apple's MacOS/X or iOS operating systems, some variety of the Linux operatingsystem, Google's ANDROID™ operating system, or the like. In many cases,one or more shared services 225 may be operable in system 200, and maybe useful for providing common services to client applications 230.Services 225 may for example be WINDOWS™ services, user-space commonservices in a Linux environment, or any other type of common servicearchitecture used with operating system 210. Input devices 270 may be ofany type suitable for receiving user input, including for example akeyboard, touchscreen, microphone (for example, for voice input), mouse,touchpad, trackball, or any combination thereof. Output devices 260 maybe of any type suitable for providing output to one or more users,whether remote or local to system 200, and may include for example oneor more screens for visual output, speakers, printers, or anycombination thereof. Memory 240 may be random-access memory having anystructure and architecture known in the art, for use by processors 210,for example to run software. Storage devices 250 may be any magnetic,optical, mechanical, memristor, or electrical storage device for storageof data in digital form (such as those described above, referring toFIG. 1). Examples of storage devices 250 include flash memory, magnetichard drive, CD-ROM, and/or the like.

In some embodiments, systems of the present invention may be implementedon a distributed computing network, such as one having any number ofclients and/or servers. Referring now to FIG. 3, there is shown a blockdiagram depicting an exemplary architecture 300 for implementing atleast a portion of a system according to an embodiment of the inventionon a distributed computing network. According to the embodiment, anynumber of clients 330 may be provided. Each client 330 may run softwarefor implementing client-side portions of the present invention; clientsmay comprise a system 200 such as that illustrated in FIG. 2. Inaddition, any number of servers 320 may be provided for handlingrequests received from one or more clients 330. Clients 330 and servers320 may communicate with one another via one or more electronic networks310, which may be in various embodiments any of the Internet, a widearea network, a mobile telephony network (such as CDMA or GSM cellularnetworks), a wireless network (such as WiFi, Wimax, LTE, and so forth),or a local area network (or indeed any network topology known in theart; the invention does not prefer any one network topology over anyother). Networks 310 may be implemented using any known networkprotocols, including for example wired and/or wireless protocols.

In addition, in some embodiments, servers 320 may call external services370 when needed to obtain additional information, or to refer toadditional data concerning a particular call. Communications withexternal services 370 may take place, for example, via one or morenetworks 310. In various embodiments, external services 370 may compriseweb-enabled services or functionality related to or installed on thehardware device itself. For example, in an embodiment where clientapplications 230 are implemented on a smartphone or other electronicdevice, client applications 230 may obtain information stored in aserver system 320 in the cloud or on an external service 370 deployed onone or more of a particular enterprise's or user's premises.

In some embodiments of the invention, clients 330 or servers 320 (orboth) may make use of one or more specialized services or appliancesthat may be deployed locally or remotely across one or more networks310. For example, one or more databases 340 may be used or referred toby one or more embodiments of the invention. It should be understood byone having ordinary skill in the art that databases 340 may be arrangedin a wide variety of architectures and using a wide variety of dataaccess and manipulation means. For example, in various embodiments oneor more databases 340 may comprise a relational database system using astructured query language (SQL), while others may comprise analternative data storage technology such as those referred to in the artas “NoSQL” (for example, Hadoop Cassandra, Google BigTable, and soforth). In some embodiments, variant database architectures such ascolumn-oriented databases, in-memory databases, clustered databases,distributed databases, or even flat file data repositories may be usedaccording to the invention. It will be appreciated by one havingordinary skill in the art that any combination of known or futuredatabase technologies may be used as appropriate, unless a specificdatabase technology or a specific arrangement of components is specifiedfor a particular embodiment herein. Moreover, it should be appreciatedthat the term “database” as used herein may refer to a physical databasemachine, a cluster of machines acting as a single database system, or alogical database within an overall database management system. Unless aspecific meaning is specified for a given use of the term “database”, itshould be construed to mean any of these senses of the word, all ofwhich are understood as a plain meaning of the term “database” by thosehaving ordinary skill in the art.

Similarly, most embodiments of the invention may make use of one or moresecurity systems 360 and configuration systems 350. Security andconfiguration management are common information technology (IT) and webfunctions, and some amount of each are generally associated with any ITor web systems. It should be understood by one having ordinary skill inthe art that any configuration or security subsystems known in the artnow or in the future may be used in conjunction with embodiments of theinvention without limitation, unless a specific security 360 orconfiguration system 350 or approach is specifically required by thedescription of any specific embodiment.

FIG. 4 shows an exemplary overview of a computer system 400 as may beused in any of the various locations throughout the system. It isexemplary of any computer that may execute code to process data. Variousmodifications and changes may be made to computer system 400 withoutdeparting from the broader spirit and scope of the system and methoddisclosed herein. CPU 401 is connected to bus 402, to which bus is alsoconnected memory 403, nonvolatile memory 404, display 407, I/O unit 408,and network interface card (NIC) 413. I/O unit 408 may, typically, beconnected to keyboard 409, pointing device 410, hard disk 412, andreal-time clock 411. NIC 413 connects to network 414, which may be theInternet or a local network, which local network may or may not haveconnections to the Internet. Also shown as part of system 400 is powersupply unit 405 connected, in this example, to ac supply 406. Not shownare batteries that could be present, and many other devices andmodifications that are well known but are not applicable to the specificnovel functions of the current system and method disclosed herein. Itshould be appreciated that some or all components illustrated may becombined, such as in various integrated applications (for example,Qualcomm or Samsung SOC-based devices), or whenever it may beappropriate to combine multiple capabilities or functions into a singlehardware device (for instance, in mobile devices such as smartphones,video game consoles, in-vehicle computer systems such as navigation ormultimedia systems in automobiles, or other integrated hardwaredevices).

In various embodiments, functionality for implementing systems ormethods of the present invention may be distributed among any number ofclient and/or server components. For example, various software modulesmay be implemented for performing various functions in connection withthe present invention, and such modules may be variously implemented torun on server and/or client components.

Conceptual Architecture

FIG. 5 is a block diagram illustrating an exemplary system architecture500 for operating a cloud controlled common access entry point lockingsystem, according to a preferred embodiment of the invention. Accordingto the embodiment, a cloud access manager 502 may operate a cloudcontrolled access point locking system through communication via anetwork 501 such as the Internet or any suitable communication network(hereinafter referred to as “the cloud”). A common access entry point504 may operate a premise-based lock manager 503 that may communicatevia a network 501 to interact with a cloud access manager 502, generallyto send and receive lock instructions such as “unlock this entry point”,for example. User devices 505 a-n may interact with a common accessentry point 504 or directly via the cloud 501 with a cloud accessmanager 502 according to a desired use case or operation. User devices505 a-n may be any of a variety of network-connected computing devices,such as (for example) a smartphone, laptop or tablet personal computer,or a desktop workstation.

During operation, a user device 505 a-n may be used to configure system500, such as by configuring the operation or stored information of acloud access manager 502. Other user devices 505 a-n may be used tointeract with system 500, generally to gain access according to itsoperation. For example, a user with a smartphone may interact with acommon access entry point (such as a webpage interface or a mobilesoftware application operating on their smartphone) to request entry. Ifa corresponding access rule is found by a cloud access manager 502,entry may be granted and a premise-based lock manager 503 may thenunlock the entry point (such as a door or gate), allowing the user toenter. It should be appreciated that a user device 505 a-n may be anynetwork-connected electronic device, including (but not limited to) asmartphone, tablet or laptop personal computing device, desktopcomputer, or wearable electronic device such as a “smart watch” (forexample, MICROSOFT BAND™ or APPLE WATCH™).

In this manner it may be appreciated that a cloud-based access systemaccording to the embodiment offers greater functionality than other“smart lock” devices in the art. Such devices generally focus on asingle entry point and user, optionally allowing that user to configureguest access or grant entry to other users but generally requiringsignificant manual operation for such uses. Focus is placed on their useas a replacement or supplement to a single residential door lock, andthere is no means to adapt them to a community arrangement for operatinga gate or entryway to service multiple users or administration by alandlord. Using a cloud-based system according to the embodiment gives alandlord and system administrator the ability to easily and quicklyconfigure a system for operation and setup access for tenants or guests,and individual users may then grant and gain access independently.

FIG. 6 is a block diagram illustrating a more detailed view of a cloudaccess manager system 600 for use in operating a cloud controlled commonaccess entry point lock system, according to an embodiment of theinvention. According to the embodiment, a cloud access manager 610 mayoperate a plurality of software applications or interfaces, such as alocation manager 620 that may monitor user location or proximity, asecurity manager 630 that may authenticate users, a communicationsmanager 612 that may communicate via a network 601 or via externalinterfaces such as a voice over internet protocol (VoIP) gateway 602, aguest request manager 613 that may communicate via a guest interface 603to send and receive communication for guest users (such as users thatneed temporary or one-time access, for example, a courier, serviceprovider, or houseguest), a host configuration manager 614 that maycommunicate via a host interface 604 to send and receive communicationfor host users (such as residents in a community), a common access entrypoint manager 615 that may operate a common access entry point interface605 to send and receive access requests (such as instructions to a locksystem to lock or unlock), and a management server 616 that maycommunicate via an administration interface 606 to receive interactionfrom an administrative user (such as to configure operation,create/modify access rules for users, manage the system, create reports,etc.). A plurality of data storage may also be utilized, such as aproperty directory database 607 that may store and provide informationon known users or locations within a community (such as tenants andtheir apartment numbers, for example), a lock database 608 that maystore and provide information for individual lock mechanisms or entrypoints, or a keys database 609 that may store and provide informationfor specific keys or access passes. In some embodiment, access passesmay be limited by date and time, or time range, by code, or the like.

A location manager 620 may operate a mapping module 621 that may be usedto maintain map-based information for an area around or within acommunity, such as to maintain a map model for apartment units, parkingspaces, maintenance access routes, specific entry points, or any othersuch mapping data that may be relevant to a community or to a manager ortenant thereof. Location manager 620 may also operate a proximity module622 that may monitor user locations (such as through the use BLUETOOTH™,cellular or WiFi signals, geofencing or GPS pinpointing, or anycombination of suitable location technologies), to determine when a useris near an entry point and take appropriate preemptive action. In someembodiments a predefined proximity may be set and in this regard, alertsmay be triggered when a user crossed the predefined proximity threshold.For example, if it is recognized that an authorized user (such as atenant in an apartment complex) is approaching a gate or doorway that islocked, a cloud access manager 610 may instruct the entry point tounlock to allow the user to pass, so that when the user reaches the dooror gate they do not need to manually unlock it or wait for the system to“catch up”.

A security manager 630 may operate a permissions database 631 that maystore and provide permission information for users, generally tomaintain a repository of information pertaining to “who may go where”,for example. Security manager 630 may also operate a verificationmanager 632 that may verify a particular user against the permissionsdatabase 631, to determine whether or not they are an authorized user.For example, a tenant in an apartment complex might be added to apermissions database 631 as having free access to a front gate, butlimited (for example, within specific hours or only on certain days)access to a fitness room. In some embodiments, permissions database 631may be globally or individually configured to set an expiry to devicesauthorized to gain access. If the tenant approaches the front gate (asmay be determined by a location manager, as described above), theirdevice or user information may be utilized by a verification manager 632to authorize them according to the rules stored in a permissionsdatabase 631, and the gate may be unlocked. If that same user were toapproach the fitness club outside normal hours, a verification operationmay instead deny access, and the door will remain locked as they do notmeet the set permission rules for authorization.

A communications manager 612 may be used to communicate over a network601 with users or external software applications, such as to integratewith a community directory application or a payment system (for example,to block access to users who have not paid their rent after a certainperiod). A VoIP gateway 602 may be utilized as illustrated to place orreceive phone calls over an IP-based network connection, such as to calla user and deliver a verification code for use in authorization. Forexample, if a user is authorized to open a locked entry point butexperiences difficulty (for example, if there is a network outagepreventing the entry point from communicating with other components ofthe system), they may request an unlock code to manually enter to pass,such as by typing the code into a keypad operated by the entry point asa backup for use in such instances. It should be appreciated that VoIPis described as an example of user communication, and any of a varietyof communication types and protocols may be utilized simultaneously orinterchangeably according to the embodiment, and new types may be addedas necessary (for example, a user may opt to receive codes via a textmessage or email instead of a telephone call).

In a preferred embodiment, reporting manager 640 records a record of allinteractions of cloud access manager system 600, to reporting DB 641,for example, registered users, granting guest access, addition andremoval of keys, request from guests for directories, attempted accessduring restricted or unauthorized times, all keys accesses for eachconfigured common access entry points 720, metrics on accesscharacteristics, for example, accesses by GPS proximity, access by smartfob (that is, an RF device requesting authentication), access byshort-range peer-to-peer communications (for example Bluetooth™,iBeacon™, etc.). Management server 616 allows an administrator user tolog into the administration interface to view historical and real timereports on interactions within the system. Administrator interface 606provides graphical tools to present data in a useful way to manage thesystem both historically and in real-time. Management server 616 mayprovide high availability and management of system components, forexample, via small network management protocol (SNMP) or the like.

FIG. 7 is a block diagram illustrating a more detailed view ofpremise-based lock manager 710 and client operation 700 for use inoperating a cloud controlled common access entry point locking system,according to an embodiment of the invention. According to theembodiment, premise-based lock manager 710 may operate a communicationmanager 711 to send and receive communication via a network 701, forexample a WiFi or cellular data network. Premise-based lock manager 710may also operate a plurality of lock control interfaces 712 that mayinteract with locks or other access mechanisms such as motorized gatesor window shutters, and premise-based lock manager 710 may also operatea lock control manager 713 that may configure and manage the operationof the plurality of lock control interfaces 712. For example, a singlepremise-based lock manager 710 may operate multiple motorized windowshutters (such as in a retail storefront that shutters the windows afterclosing), each managed by a discrete lock control interface 712. Thisapproach ensures robustness of a system 700 by incorporating redundancyin the lock controls, such that if a single lock mechanism or controlinterface fails, others may not be affected.

According to the embodiment, a mobile device 800 (such as a smartphoneor personal computer) may operate a software-based mobile interface 810for interacting with a premise-based lock manager 710. Mobile device 800may also communicate via a network 701 to directly interact withpremise-based lock manager 710 or other components without the use of aninterface 810, for example, for background communication (such as when auser's smartphone is in their pocket, for example). In anotherembodiment, mobile device 800 may communicate directly withpremise-based lock manager 710 via Bluetooth™, iBeacon™, RF, NFC, andthe like. In another embodiment, mobile device 800 may be a key fobdevice to initiate an unlock request. In this regard, mobile interface810 may sense a key fob 800 and request permission form lock manager710. In some embodiments, communication manager 711 may further requestaccess from cloud access manager 610 through cloud 701. Access may begranted based on permissions configured in permissions DB 631. Forexample, key fob 800 may be assigned to maintenance staff (for example,cleaning staff, repair staff, etc.) who are only authorized to accesscommon access entry point 720 at particular pre-configures times of day.In this regard, lock manager 710 allows access during authorized periodsand denies access during unauthorized periods. In some embodiments, auser first authenticates themselves using the key fob and enters apre-configured personal identification number (PIN) on lock controlinterface 712, followed by a code displayed on lock control interface712.

In a preferred embodiment, lock 721 is a circuit driven platform (forexample, Arduino™, printed circuit board, FPGA, EEPROM, etc.) thatcontrols a door lock via external relay module (for example,electromechanical relay (EMR), solid-state relay (SSR)). Cloud 701 maybe a mobile network (for example, GSM, CDMA, and the like). In someembodiments, relay module may control an external electronic door lockvia 2-channel isolated relay module. Common access entry point 720, whenclosed, is this regard, requires, for example, 12V/600 mA signal forstate changing. To produce the signal external, a +12V AC/DC powersupply may be connected to lock 721 by connecting through the relaymodule. In some embodiment, two relays may normally opened. A firstrelay is connects power supply output with a coil. A second relay maydrive the coil to change lock state. This 2-stage operation increasesreliability and greatly minimizes the chance of fail-switching. Relaycoils may transfers electrical signals between the two isolated circuitsby using light via an optocouplers on relay module via a circuitconnection GPIO and may provide electrical isolation and improved noiseimmunity for control board. To indicate a lock state, lock manager 710may drive RGB LED circuitry in a “face plate” (not shown) via anexternal relay module with the same operation principle as in case oflock driver.

The face plate may consists of, for example an RGB LED ribbon powered byexternal +12V AC/DC supply and driven by external relay module viacircuitry general purpose input/output (GPIO). The RGB LED ribbon mayilluminate a flat light guide panel from inside of “face plate”enclosure thus indicating lock state with different colors.

FIG. 8 is a block diagram of an exemplary interface 810 for operating acloud controlled common access entry point locking system, according toan embodiment of the invention. Mobile device 800 comprises a locationmanager 811, directory display 812, communication client 813, userprofile 814, user interface 815, knock 816, auto request manager 817,and key manager 818. Location manager 811 maintains a current locationof mobile device 800. In a preferred embodiment, mobile 800 transmitsits global location (for example, GPS or location determined by othermeans such as WiFi triangulation) to location manager 620 through cloud601 (for example, a cell network). In a preferred embodiment, directorydisplay 812 displays a directory of tenants in, for example, anapartment building or industrial plaza. In some embodiments, tenantdirectories are automatically downloaded when mobile device 800 hasdetermined that it is within physical proximity of community accesspoint 720. In other embodiments, a directory may be manually requestedthrough a manual request via directory display 812. Communication client813 allows mobile device 800 to initiate a communication with a host(that is, for example, a tenant in an apartment building). Communicationmay be, for example, audio (for example, a VoIP conversation), video(for example, via Skype or a custom built video communicationapplication), text (for example, email or SMS) and initiating theplayback of an audio file (for example a custom recorded audio fileassociated with a particular guest) at a host device 505 n. User profile814 configures the user information of mobile device 800, for example,name, address, preferences, credit card information, etc. In oneembodiment, common access entry point 720 may be, for example, the frontdoor to a self-serve movie theatre where mobile device 800 automaticallysubmits a payment to, for example, a payment service operating on cloud701 for payment of a ticket to access the theatre to watch a movie. Userinterface 815 allows the user of mobile device 800 to interact with thesystem, for example, to invite guests by granting access to commonaccess entry point 720, to set user preferences 814, to interact withhost 505 a, etc. Knock 816 may be used to imitate the playback of aprerecorded audio file on host device 505 n (for example, playing a wayfile that sounds like a knock on a door). Auto request manager 817, mayautomatically request access to common access entry point 720 when apreconfigured threshold of physical proximity has been passed for commonaccess entry point 720, for example, if mobile device 800 is within fivemeters of common access entry point 720, location manager 811 sends analert to auto request manager 817 and an access request may beautomatically sent to cloud 701 to initiate an unlock event. Forexample, an emergency vehicle such as an ambulance may have anin-vehicle communication device 800 installed that is connected to cloud701 (for example, a public cellular network). When the emergency vehicleapproaches common access entry point 720, for example, a gate in a gatedcommunity operated by system 500, auto request manager 817 mayautomatically send an unlock request through cloud 701 to securitymanager 630 without the need of manual user intervention. Securitymanager 630 checks permission DB 631 and determines that the ambulancehas access to common access entry point 720 and automatically sends anunlock event to common access entry point 720 without manual userintervention. Key manager 818 maintains a record (i.e. a key) for eachcommon access entry point 720 to which it may have access. For example,the user of device 800 may be a cleaning staff member. In this regard,the user may browse user interface 815 to select a preconfigured keywithin key manager 815 to access a particular common access entry point720.

In some embodiments, a revenue arrangement may be made with governmentalservices or commercial establishments, where access can be given tocommon access entry point 720. For example, the operator of system 600may provide access (for example, automatic proximity access) to acommercial establishment (for example, a retail pizza provider, atelevision cable provider, FedEx™, UPS™, USPS™, etc.) or governmentalestablishments (for example, law enforcement, counter-terrorism groups,emergency services such as medical services or hazmat teams, etc.)wherein the commercial or governmental establishment may have automaticaccess to a plurality of common access entry points 720 without havingto request access on each service call or delivery. It can beappreciated by one with ordinary skill in the art that a commercial orgovernmental establishment having access to a plurality of common accessentry points 720 would provide more efficient and profitable commercialservices and more efficient governmental services, thus a revenue model(for example a subscription) arrangement may be made with the commercialor governmental services.

DETAILED DESCRIPTION OF EXEMPLARY EMBODIMENTS

FIG. 9 is a method for accessing a common access entry point. In step901, location manager 620 receives periodic global position information,for example GPS coordinates, triangulated position, etc., from mobiledevice 800, for example, a mobile phone that is preconfigured for accessin permissions DB 631. In some embodiments, mobile device 800 may be awearable electronic device, such as a smartwatch. Location manager 620creates a record of the mobile device in mapping module 621. Proximitymodule 622 keeps track of mobile device 800 and its periodic proximityto premise-based lock manager 710. In step 902, a request is receivedfrom guest interface 603 requesting access, for example, to unlock,premise-based lock manager 710. In one embodiment, a request for accessis sent in step 905, for example, by clicking button on user interface815 on mobile device 800. In this regard a request for access is sent tocloud access manager 601 and appropriate actions taken. In anotherembodiment, mobile phone 800 sends the request directly to premise-basedlock manager 710, for example, by creating a connection between mobiledevice 800 and premise-based lock manager 710 through Bluetooth™,iBeacon™, NFC, RF, or the like. In another embodiment, mobile device 800may request a tenant directory in step 903, and a list of availabletenants may be sent to mobile device 800. A tenant directory may be, forexample, a list of names of tenants in a multi-unit housing complex, orthe names of businesses in a business park. In another embodiment,mobile device 800 may request communication with host 505 a in step 904,for example, a voice, short message service (SMS), email, videocommunication, or by triggering the playback of an audio file (forexample, the sound of a knock) or video file. In this regard,communication may take place between mobile device 800 and a host 505 a.In step 906, security manager 630 may determine, by accessingpermissions DB 631, if mobile device 800 has permission to common accessentry point 720. In one embodiment, access to common access entry point720 by mobile device 800 may only be granted at a specific time of day,days per week, or some other preconfigured schedule of access. Inanother embodiment, access to common access entry point 720 by mobiledevice 800 may only be granted for a predefined number of times. Forexample, a customer of a fitness center purchases a set number ofpasses, access may be granted only for the number of passes purchased.In some embodiments, mobile device 800 requests access by sending ashort message server message (SMS) to cloud access manager 610. Ifverification manager 632 determines that access is not granted, mobiledevice 800 is notified of the denial. If verification manager 632determines that access is granted, mobile device 800 is notified thataccess is granted and in step 909, security manager sends an unlockevent to cloud 601 with a destination of premise-based lock manager 710.In one embodiment, verification manager 632 sends an SMS message with acode where the user of mobile device 800 may then enter the codedirectly to lock control manager 713.

FIG. 10 is a block diagram of an exemplary method for inviting a guestto access a common access entry point using a mobile application. Instep 1001, host device 505 a, for example a tenant in an apartmentbuilding, accesses an invitation screen through user interface 815 frommobile device 800. In step 1002, host device 505 a selects a guest toinvite, for example, by accessing a contact list of host device 505 a orby entering a mobile number of a guest. In step 1003, a request is sentto guest interface 603 and the request passes to guest request manager613. Guest request manager 613 then stores details of the guest (forexample, their mobile number) in keys DB 609. If the guest has anappropriate mobile application installed, for example, the one disclosedin the instant invention, a key will be stored in key manager 818 of theguest mobile device 800. If an appropriate mobile application is notinstalled on guest device 800, a code may be created by security manager630 and sent to the guest, for example, in the form of an email or SMSmessage. In step 1004, the host may set parameters for the guest access,for example, time of day, days of the week, etc. that access may begranted for common access entry point 720 for guest device 800.

1. A common access entry point lock management system, comprising: anetwork-connected server comprising at least a memory and a processorand further comprising programmable instructions stored in the memoryand operating on the processor, the instructions adapted to a system forlocking, unlocking, and managing the common access entry pointcomprising: a configuration database; a host configuration manager; aguest request manager; a location manager; a security manager; and, acommunications manager; wherein access by users to one or more lockingdevices are configured via the host configuration manager and stored inthe configuration database; wherein the guest request manager isconfigured to receive access requests from one or more mobile devices toaccess one or more common access entry point locking devices; whereinthe location manager is configured to periodically receive globalposition information of the one or more mobile devices registered in theconfiguration database; wherein the security manager is configured tostore one or more identifiers corresponding to the one or more mobiledevices and the one or more locking devices to which the one or moremobile devices have access; wherein the communication manager isconfigured to receive communication from the one or more mobile devices.2. The system of claim 1, further wherein the location manager isconfigured to receive an alert that a first mobile device is within apredefined distance of a first common access entry point.
 3. The systemof claim 2, further wherein the host configuration manager is configuredto determine that the first mobile device has been configured to triggeran unlock event to the first common access entry point.
 4. The system ofclaim 3 further wherein, the security manager is configured to receivean unlock request from the first mobile device to unlock the firstcommon access entry point, and further wherein the security manager isconfigured to send the unlock event to a lock manager connected to thefirst common access entry point.
 5. The system of claim 3 furtherwherein, the communication manager is configured to send the unlockevent automatically to a lock manager connected to the first commonaccess entry point when the global position of the first mobile deviceindicates that the first mobile device is within a pre-configuredphysical proximity to the first common access entry point.
 6. The systemof claim 2, wherein the common access entry point is a front door of amulti-unit housing complex.
 7. The system of claim 2, wherein the commonaccess entry point is a roadway entrance gate in a gated community. 8.The system of claim 2, wherein the first mobile device is selected froma group consisting of a smartphone, a tablet device, a wearableelectronic device, and an in-vehicle communication device.
 9. A methodfor accessing common access entry point, comprising: a network-connectedserver comprising at least a memory and a processor and furthercomprising programmable instructions stored in the memory and operatingon the processor, the instructions adapted to a system for locking andmanaging a the common access entry point comprising the steps of:periodically receiving global position information of a mobile devicesthat is preconfigured in a configuration database; receiving a requestfor access to the common access entry point from the mobile device;determining if the request has been granted; and, sending an unlockevent to a lock manager connected to the common access entry point. 10.The method of claim 9, wherein the request for access is a request for atenant directory.
 11. The method for accessing common access entry pointof claim 10, wherein the unlock event is sent to the lock manager aftera tenant from a directory is contacted and has granted access to thecommon access entry point.
 12. The method for accessing common accessentry point of claim 9, wherein the unlock event is sent automaticallywhen the global position of the mobile device indicates that the mobiledevice is within a predefined physical proximity to the common accessentry point.
 13. The method for accessing common access entry point ofclaim 9, wherein the request for access is a communication requestselected form the group consisting of initiating a voice communication,initiating a text-based communication, initiating a video communication,and triggering the playback of a pre-recorded sound.
 14. A cloud-basedlocking device management system, comprising: a network-connected servercomprising at least a memory and a processor and further comprisingprogrammable instructions stored in the memory and operating on theprocessor, the instructions adapted to a system for locking andunlocking a common access entry point comprising: a lock controlinterface; a communication manager; a lock control manager; wherein thelock control interface is connected to a lock of a the common accessentry point and able to lock and unlock a locking device thereon;wherein the communication manager is configured to receive a request tolock and unlock the locking device; wherein the lock control manager isconfigured with a plurality of identifiers that are able to trigger anunlock event further wherein the unlock event causes the locking deviceto unlock.
 15. The cloud-based locking device management system of claim14, wherein the communication manager is configured to receive lock andunlock requests from the cloud.
 16. The cloud-based locking devicemanagement system of claim 14, wherein the communication manager isconfigured to receive lock and unlock requests from a short-rangewireless interconnected device.
 17. The cloud-based locking devicemanagement system of claim 14, wherein the lock control manager isconfigured to accept an alphanumeric code to trigger a lock or unlockevent.
 18. The cloud-based locking device management system of claim 14,wherein the communication manager is configured to receive lock andunlock requests from a radio frequency transmission.
 19. The cloud-basedlocking device management system of claim 14, wherein the communicationmanager is configured to receive lock and unlock requests from a nearfield communication device.
 20. The cloud-based locking devicemanagement system of claim 14, wherein the identifiers correspond tousers of mobile devices.